43 matches found
EUVD-2009-3352
Malware in sbrugna...
SUSE CVE-2009-3370
Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries...
Ubuntu: Security Advisory (USN-853-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Information Disclosure
firefox is vulnerable to information disclosure. The vulnerability exists as a flaw was found in the way Firefox displayed the autocomplete pop-up. Malicious content could use this flaw to steal form history information...
Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could possibly lead to arbitrary code execution with the privileges of th...
Mozilla Products Multiple Vulnerabilities May-11 (Windows)
The host is installed with Mozilla Firefox or Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnwinmay11.nasl 7015 2017-08-28 11:51:24Z teissa $ Mozilla Products Multiple Vulnerabilities May-11 Windows Authors: Sooraj KS Copyright: Copyright...
Authentication flaw
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-4459)
Mozilla Firefox was updated to the 3.6.17 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances,...
CVE-2011-0067
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls...
CentOS 4 / 5 : firefox (CESA-2011:0471)
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Mozilla Foundation Security Advisory 2011-14
Mozilla Foundation Security Advisory 2011-14 Title: Information stealing via form history Impact: Moderate Announced: April 28, 2011 Reporter: Paul Stone Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description Security researcher Paul Stone reported that ...
Mozilla untrusted events can trigger autocomplete popup (MFSA 2011-14)
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls...
Mozilla Firefox 3.6.x < 3.6.17 Multiple Vulnerabilities
Binary data 5901.prm...
Firefox 3.6 < 3.6.17 Multiple Vulnerabilities
The installed version of Firefox 3.6 is earlier than 3.6.17. Such versions are potentially affected by the following security issues : - Multiple use-after-free errors exist in the handling of the object attributes 'mChannel', 'mObserverList' and 'nsTreeRange'. CVE-2011-0065, CVE-2011-0066,...
Information stealing via form history — Mozilla
Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history...
Mozilla SeaMonkey < 2.0.14 Multiple Vulnerabilities
Binary data 801324.prm...
SeaMonkey < 2.0.14 Multiple Vulnerabilities
Binary data 5904.prm...
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6609)
The Mozilla Firefox browser was updated to version 3.5.4 to fix various bugs and security issues. The following security issues have been fixed : - Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to theft....
SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6617)
The Mozilla XULRunner engine was updated to version 1.9.0.15 to fix various bugs and security issues. The following security issues have been fixed : - Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to...
Mandriva Linux Security Advisory : firefox (MDVSA-2009:294)
Security issues were identified and fixed in firefox 3.5.x : Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code...